Vulnerability Details CVE-2007-5262
Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a "0x01" packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://aluigi.altervista.org/adv/dropteamz-adv.txt
- http://secunia.com/advisories/27107
- http://securityreason.com/securityalert/3202
- http://www.securityfocus.com/archive/1/481616/100/0/threaded
- http://www.securityfocus.com/bid/25943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36974
- http://aluigi.altervista.org/adv/dropteamz-adv.txt
- http://secunia.com/advisories/27107
- http://securityreason.com/securityalert/3202
- http://www.securityfocus.com/archive/1/481616/100/0/threaded
- http://www.securityfocus.com/bid/25943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36974
Products affected by CVE-2007-5262
-
cpe:2.3:a:battlefront:dropteam:*